Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0283

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-0283
Last Modified 05 Sep 2008 04:33:57
Published 16 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0283

Summary

Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.

Vulnerable Systems

Application

  • Phorum 3.4.3


References

XF - phorum-message-html-injection(11974)

BID - 7545

BUGTRAQ - 20030509 Re: A Phorum's bug...

BUGTRAQ - 20030509 A Phorum's bug...


Last Updated: 27 May 2016 10:37:50